News

Security flaw hits Internet Explorer and Firefox

Two new security flaws have been discovered in Microsoft's Internet Explorer browser, and one of them may also affect its open source rival, Firefox.

Exploit code for the flaws had already been published on the internet, said the SANS Internet Storm Center security research website, although it added that so far no attacks had been launched using this code.

Attackers can take advantage of the IE and Firefox flaw by using cross-site scripting. The technique enables hackers to view the contents of an open window from a second window open on the user's system. The data can then be stolen.

The number of security flaws that affect both IE and Firefox is slowly rising, as Firefox gains in popularity.

Rogue code writers see Firefox as an increasingly attractive target now that it has more than 10% market share. IE has around 85% of the browser market

The second IE flaw is related to the way certain applications are processed. A user could be tricked into double-clicking on a malicious file, and remote code executed by remote attackers, who could take over the system.

Both Microsoft and Mozilla Foundation are considering issuing patches for the reported problems.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy